Symantec Encryption Management Server Web Email Protection users running Internet Explorer 9 or 10 with the MS13-055: Cumulative Security Update for Internet Explorer: July 9, 2013 (KB2846071) update installed cannot add attachments to messages.
The problem occurs when a user tries to add an attachment to a Web Email Protection message doing the following:
Create a new message or reply to an existing one.
This type of problem is acknowledged by Microsoft in the Known issues with this security update section of MS13-055:
After you install the security update for Internet Explorer 9 or for Internet Explorer 10 that is described in Microsoft security bulletin MS13-055, you may experience the following issues when you access some websites:
No error is displayed for the user and the Symantec Encryption Management Server Web Email Protection log shows only the following when the user with email address [email protected] is replying to a message and trying to add an attachment:
2013/07/17 17:21:45 +01:00 INFO pgp/wm: 10.12.39.241 [email protected] Login
2013/07/17 17:21:45 +01:00 INFO pgp/wm: 10.12.39.241 [email protected] Session initiated
2013/07/17 17:21:45 +01:00 NOTICE pgp/wm: 10.12.39.241 [email protected] read message <[email protected]>
2013/07/17 17:22:01 +01:00 INFO pgp/wm: 10.12.39.241 [email protected] Session terminated
This issue is caused by the KB2846071 hotfix which is described in Microsoft Security Bulletin MS13-055 published on 2013-07-09. Many users of Internet Explorer 10 will have it applied automatically via Windows Update. Users with Internet Explorer 9 who have installed the update are also affected.
Use the following steps to determine if KB2846071 hotfix update is installed.
Update Internet Explorer to MS13-059: Cumulative security update for Internet Explorer: August 13, 2013 (KB 2862772). By default, users of IE 10 will receive this update automatically. Alternatively, it can be downloaded for IE 9 from here or for IE 10 from here.
This Microsoft update corrects the problem with IE 9 and IE 10 that was introduced with MS13-055.
The following have been tested, but this issue may affect all versions of Symantec Encryption Management Server and PGP Universal Server:
Please note that the following versions of Windows and Internet Explorer do not exhibit this problem: